<?php
	header ( 'content-type: application/json; charset=utf-8' ); 	

	define('ROOT_DIR', dirname(__FILE__).'/');

	ini_set('session.use_cookies', '0');
	
	$_REQUEST = array_merge($_GET, $_POST);
	
	require_once ROOT_DIR.'error_codes.php';
	require_once ROOT_DIR.'controls/sql_setup.php';
	require_once ROOT_DIR.'views/ResultJSON.php';
	require_once ROOT_DIR.'models/User.php';
	require_once ROOT_DIR.'controls/SessionManager.php';
	
	$action = '';
	if(isset($_REQUEST['action'])) $action = $_REQUEST['action'];
	
	if($action == 'login' && isset($_REQUEST['name']) && isset($_REQUEST['pw'])){
		require_once ROOT_DIR.'controls/action_login.php';
		login($_REQUEST['name'], $_REQUEST['pw']);
	} else if($action == 'checkIfValidSession' && isset($_REQUEST['sID']) && isset($_REQUEST['uID'])){
		require_once ROOT_DIR.'controls/action_checkIfValidSession.php';
		checkIfValidSession($_REQUEST['sID'], $_REQUEST['uID']);
	} else if(isset($_REQUEST['sID']) && $_REQUEST['sID'] != ''){
		if(SessionManager::continueSession($_REQUEST['sID'])){
			switch($action){
				case 'logout':
					require_once ROOT_DIR.'controls/action_logout.php';
					logout();
					break;
				case 'newUser':
					if(isset($_REQUEST['nick']) && isset($_REQUEST['pw']) && isset($_REQUEST['fN']) && isset($_REQUEST['lN']) && isset($_REQUEST['email'])){
						require_once ROOT_DIR.'controls/action_newUser.php';
						newUser(getRequestParam('nick'), getRequestParam('pw'), getRequestParam('fN'), getRequestParam('lN'), getRequestParam('email'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'editUser':
					if(isset($_REQUEST['uID']) && $_REQUEST['uID'] != ''){
						require_once ROOT_DIR.'controls/action_editUser.php';
						editUser(getRequestParam('uID'), getRequestParam('nick'), getRequestParam('nPw'), getRequestParam('oPw'), getRequestParam('fN'), getRequestParam('lN'), getRequestParam('email'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'deleteUser':
					if(isset($_REQUEST['uID']) && $_REQUEST['uID'] != ''){
						require_once ROOT_DIR.'controls/action_deleteUser.php';
						deleteUser(getRequestParam('uID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'getUser':
					if(isset($_REQUEST['uID']) && $_REQUEST['uID'] != ''){
						require_once ROOT_DIR.'controls/action_getUser.php';
						getUser(getRequestParam('uID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'getUsers':
					require_once ROOT_DIR.'controls/action_getUsers.php';
					getUsers(getRequestParam('lID'), getRequestParam('tID'), getRequestParam('from'), getRequestParam('rows'), getRequestParam('sort'), getRequestParam('order'));
					break;
				case 'newTodo':
					if(isset($_REQUEST['title']) && isset($_REQUEST['text']) && isset($_REQUEST['tD']) && isset($_REQUEST['pH'])){
						require_once ROOT_DIR.'controls/action_newTodo.php';
						newTodo(getRequestParam('title'), getRequestParam('text'), getRequestParam('tD'), getRequestParam('pH'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'editTodo':
					if(isset($_REQUEST['tID']) && $_REQUEST['tID'] != ''){
						require_once ROOT_DIR.'controls/action_editTodo.php';
						editTodo(getRequestParam('tID'), getRequestParam('title'), getRequestParam('text'), getRequestParam('tD'), getRequestParam('pH'), getRequestParam('status'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'deleteTodo':
					if(isset($_REQUEST['tID']) && $_REQUEST['tID'] != ''){
						require_once ROOT_DIR.'controls/action_deleteTodo.php';
						deleteTodo(getRequestParam('tID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'getTodo':
					if(isset($_REQUEST['tID']) && $_REQUEST['tID'] != ''){
						require_once ROOT_DIR.'controls/action_getTodo.php';
						getTodo(getRequestParam('tID'), getRequestParam('lL'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'getTodos':
					require_once ROOT_DIR.'controls/action_getTodos.php';
					getTodos(getRequestParam('uID'), getRequestParam('lID'), getRequestParam('from'), getRequestParam('rows'), getRequestParam('sort'), getRequestParam('order'), getRequestParam('iP'), getRequestParam('lL'));
					break;
				case 'addTodoToList':
					if(isset($_REQUEST['tID']) && $_REQUEST['tID'] != '' && isset($_REQUEST['lID']) && $_REQUEST['lID'] != ''){
						require_once ROOT_DIR.'controls/action_addTodoToList.php';
						addTodoToList(getRequestParam('tID'), getRequestParam('lID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'removeTodoFromList':
					if(isset($_REQUEST['tID']) && $_REQUEST['tID'] != '' && isset($_REQUEST['lID']) && $_REQUEST['lID'] != ''){
						require_once ROOT_DIR.'controls/action_removeTodoFromList.php';
						removeTodoFromList(getRequestParam('tID'), getRequestParam('lID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'addWorkinterval':
					if(isset($_REQUEST['tID']) && $_REQUEST['tID'] != '' && isset($_REQUEST['sD']) && $_REQUEST['sD'] != '' && isset($_REQUEST['eD']) && $_REQUEST['eD'] != ''){
						require_once ROOT_DIR.'controls/action_addWorkinterval.php';
						addWorkinterval(getRequestParam('tID'), getRequestParam('uID'), getRequestParam('sD'), getRequestParam('eD'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'getWorkintervals':
					if((isset($_REQUEST['tID']) && $_REQUEST['tID'] != '') || (isset($_REQUEST['uID']) && $_REQUEST['uID'] != '')){
						require_once ROOT_DIR.'controls/action_getWorkintervals.php';
						getWorkintervals(getRequestParam('tID'), getRequestParam('uID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'newList':
					if(isset($_REQUEST['title']) && isset($_REQUEST['text'])){
						require_once ROOT_DIR.'controls/action_newList.php';
						newList(getRequestParam('title'), getRequestParam('text'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'editList':
					if(isset($_REQUEST['lID']) && $_REQUEST['lID'] != ''){
						require_once ROOT_DIR.'controls/action_editList.php';
						editList(getRequestParam('lID'), getRequestParam('title'), getRequestParam('text'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'deleteList':
					if(isset($_REQUEST['lID']) && $_REQUEST['lID'] != ''){
						require_once ROOT_DIR.'controls/action_deleteList.php';
						deleteList(getRequestParam('lID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'getList':
					if(isset($_REQUEST['lID']) && $_REQUEST['lID'] != ''){
						require_once ROOT_DIR.'controls/action_getList.php';
						getList(getRequestParam('lID'), getRequestParam('fT'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'getListOverview':
					if(isset($_REQUEST['lID']) && $_REQUEST['lID'] != ''){
						require_once ROOT_DIR.'controls/action_getListOverview.php';
						getListOverview(getRequestParam('lID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'getLists':
					if((isset($_REQUEST['uID']) && $_REQUEST['uID'] != '') || (isset($_REQUEST['pub']) && $_REQUEST['pub'] != '')){
						require_once ROOT_DIR.'controls/action_getLists.php';
						getLists(getRequestParam('uID'), getRequestParam('pub'), getRequestParam('from'), getRequestParam('rows'), getRequestParam('sort'), getRequestParam('order'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'getListTitles':
					require_once ROOT_DIR.'controls/action_getListTitles.php';
					getListTitles(getRequestParam('from'), getRequestParam('rows'), getRequestParam('order'), getRequestParam('owner'));
					break;
				case 'shareList':
					if(isset($_REQUEST['lID']) && $_REQUEST['lID'] != ''){
						require_once ROOT_DIR.'controls/action_shareList.php';
						shareList(getRequestParam('lID'), getRequestParam('uID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'unshareList':
					if(isset($_REQUEST['lID']) && $_REQUEST['lID'] != ''){
						require_once ROOT_DIR.'controls/action_unshareList.php';
						unshareList(getRequestParam('lID'), getRequestParam('uID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'newMsg':
					if(isset($_REQUEST['title']) && isset($_REQUEST['text']) && (isset($_REQUEST['lMID']) || isset($_REQUEST['lTID']) || isset($_REQUEST['lLID']) || isset($_REQUEST['lUID']))){
						require_once ROOT_DIR.'controls/action_newMsg.php';
						newMsg(getRequestParam('title'), getRequestParam('text'), getRequestParam('lMID'), getRequestParam('lTID'), getRequestParam('lLID'), getRequestParam('lUID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'editMsg':
					if(isset($_REQUEST['mID']) && $_REQUEST['mID'] != ''){
						require_once ROOT_DIR.'controls/action_editMsg.php';
						editMsg(getRequestParam('mID'), getRequestParam('title'), getRequestParam('text'), getRequestParam('lMID'), getRequestParam('lTID'), getRequestParam('lLID'), getRequestParam('lUID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'deleteMsg':
					if(isset($_REQUEST['mID']) && $_REQUEST['mID'] != ''){
						require_once ROOT_DIR.'controls/action_deleteMsg.php';
						deleteMsg(getRequestParam('mID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'getMsg':
					if(isset($_REQUEST['mID']) && $_REQUEST['mID'] != ')'){
						require_once ROOT_DIR.'controls/action_getMsg.php';
						getMsg(getRequestParam('mID'), getRequestParam('fR'), getRequestParam('rO'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'getMsgs':
					if(isset($_REQUEST['lLID']) || isset($_REQUEST['lTID']) || isset($_REQUEST['lMID']) || isset($_REQUEST['lUID']) || isset($_REQUEST['aID'])){
						require_once ROOT_DIR.'controls/action_getMsgs.php';
						getMsgs(getRequestParam('lLID'), getRequestParam('lTID'), getRequestParam('lMID'), getRequestParam('lUID'), getRequestParam('aID'), getRequestParam('fR'), getRequestParam('from'), getRequestParam('rows'), getRequestParam('order'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'setUserTodoRole':
					if(isset($_REQUEST['tID']) && $_REQUEST['tID'] != '' && isset($_REQUEST['uID']) && $_REQUEST['uID'] != '' && isset($_REQUEST['role']) && ($_REQUEST['role'] == 'rP' || $_REQUEST['role'] == 'c')){
						require_once ROOT_DIR.'controls/action_setUserTodoRole.php';
						setUserTodoRole(getRequestParam('tID'), getRequestParam('uID'), getRequestParam('role'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				case 'removeUserFromTodo':
					if(isset($_REQUEST['tID']) && $_REQUEST['tID'] != '' && isset($_REQUEST['uID']) && $_REQUEST['uID'] != ''){
						require_once ROOT_DIR.'controls/action_removeUserFromTodo.php';
						removeUserFromTodo(getRequestParam('uID'), getRequestParam('tID'));
					} else echoError(ERROR_REQUEST_PARAM_MISSING);
					break;
				default:
					$res = new ResultJSON(true, $_REQUEST['sID'], ERROR_UNKNOWN_ACTION);
					echo $res->renderView();
					break;
			}
		} else {
			$res = new ResultJSON(true, $_REQUEST['sID'], SessionManager::getLastError());
			echo $res->renderView();
		}
	} else {
		$res = new ResultJSON(true, '', ERROR_INVALID_REQUEST);
		echo $res->renderView();
	}
	
	/**
	 * Echos the given error as ResponseJSON
	 * @param int $error
	 */
	function echoError($error){
		$res = new ResultJSON(true, '', $error);
		echo $res->renderView();
	}
	
	/**
	 * Returns the value of the $_REQUEST array with the given name. If the name doesn't exist within the $_REQUEST array null is returned.
	 * @param string $name
	 * @return The value stored under the given name or null
	 */
	function getRequestParam($name){
		if(isset($_REQUEST[$name])){
			if(get_magic_quotes_gpc()) $_REQUEST[$name] = stripslashes($_REQUEST[$name]);
			if($_REQUEST[$name] == 'true') return true;
			else if($_REQUEST[$name] == 'false') return false;
			else return $_REQUEST[$name];
		} else {
			return null;
		}
	}
	
?>